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(57) An electronic signature technology for attach- 
ing an electronic signature to an electronic file contain- 
ing a document having a structure is provided, wherein 
a level of electronic file equivalence, a level of document 
structure equivalence and a level of document structure 
partial equivalence can be set and evaluated. A target 
document is analyzed to generate a representation hav- 
ing a structure. Next, a signature is generated from each 
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of Structural elements of the structure of the generated 
representation, and the generated signatures (ciphers) 
are concatenated into a single signature corresponding 
to the structure of the generated representation. Also, 
the electronic file having the generated electronic sig- 
nature is verified to find from the contents of the signa- 
tures, at least (1) electronic file equivalence; (2) docu- 
ment structure equivalence; and (3) a coincidence rate, 
depending on a processing request. 
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Description 

[0001 ] The present invention relates generally to elec- 
tronic signature (digital signature) technology utilized to 
ensure authenticity of an electronic file, and more par- 
ticularly, to electronic signature technology applied to an 
electronic file which contains a document having a struc- 
ture. 

[0002] Electronic signature technology utilizes public 

key cryptosystem to certify that the contents of an elec- 
tronic file have not been modified after an electronic sig- 
nature was attached to the file. IVIore specifically, for ex- 
ample, an electronic file or its digest is encrypted by a 
sender's private key, and its encrypted value is sent to- 
gether with the original electronic file to a recipient, who 
decrypts the encrypted value by the sender's public key 
to see that the decrypted value is equal to the original 
electronic file or its digest, whereby it is certified that the 
contents of the original electronic file have not been 
modified. 

[0003] Although the aforementioned conventional 
electronic signature technology can verify content 

equivalence between an electronic file and its encrypted 
electronic file, it cannot be used to verify document 
structure equivalence between files when the files con- 
tain a document having a structure. 
[0004] Therefore, where there is document structure 
equivalence between electronic files although the elec- 
tronic files are not equivalent to each other in terms of 
contents, the conventional technology can only verify 
that the contents of the electronic files do not match. 
[0005] Further, as the conventional technology can 
describe only two kinds of states, i.e., equivalent or not 
equivalent, there is no way of knowing exactly which part 
of a document structure is different between files and 
how different they are, etc. when it transpires that the 
files are not equivalent. 

[0006] In view of the situation as mentioned above, it 
is an object of the present invention to provide electronic 
signature technology to be applied to an electronic file 
containing a document having a structure, according to 
which a level of equivalence such as electronic file 
equivalence, document structure equivalence, docu- 
ment structure partial equivalence, etc. can be evaluat- 
ed. 

[0007] To achieve the above object, the present in- 
vention provides a method and apparatus for attaching 
an electronic signature to an electronic file containing a 
document having a structure, wherein a signature is 
generated from each structural element of a target doc- 
ument. 

[0008] According to the electronic signature method 
of the present invention, first, a target document having 
a structure is analyzed to generate a representation us- 
ing structural elements and then, a signature (encrypted 
structural element) is generated from each of structural 
elements of the generated representation and the thus 
generated signatures (ciphers) are concatenated to 



form a single signature corresponding to the structure 
of the document. A method of encrypting each structural 
element does not have to be limited to any particular 
method, and any common cipher generation method 
5 may be employed. 

[0009] Further, according to the electronic signature 
method of the present invention, an electronic file with 
a generated electronic signature is verified and depend- 
ing on a processing request, at least (1) electronic file 
10 equivalence, (2) document structure equivalence and 
(3) a coincidence rate between electronic files are found 
from the contents of the signature. 
[0010] The electronic signature apparatus according 
to the present invention comprises electronic signature 
15 generator 11 and electronic signature analyzer 12, as 
illustrated in Fig. 1. The electronic signature generator 
11 comprises parser unit 14 for analyzing target docu- 
ment having a structure 1 3 to generate a representation 
using structural elements; cipher generator unit 15 for 
20 generating a signature from each of structural elements 
generated by the parser unit 14; and signature genera- 
tor unit 16 for concatenating the generated signatures 
(ciphers) into a single signature corresponding to the 
structure of the document. 
25 [0011] The electronic signature analyzer 12 similarly 
comprises parser unit 1 8 and signature analyzer unit 1 9 
in order to verify electronic file 17 having a generated 
electronic signature. The signature analyzer unit 1 9 has 
at least three functions to perform in response to a re- 
30 quest for processing, i.e. (1) function 21 of verifying 
electronic file equivalence ; (2) function 22 of verifying 
document structure equivalence ; and (3) function 23 of 
deriving a coincidence rate. 

35 Fig. 1 is a conceptual diagram illustrating an elec- 
tronic signature apparatus and the flow of process 
performed thereby; 

Fig. 2 is a diagram illustrating a tree structure of a 

document; 

40 Fig. 3 is a diagram showing an example of a struc- 
ture of an XML file; 

Fig. 4 is a diagram showing an example of a struc- 
ture of a file which is equivalent to the structure of 
file shown in Fig. 3 in terms of XML although they 
45 are different files; 

Fig. 5 is a diagram showing a document and a ci- 
pher corresponding to each structural element of 
the document; 

Fig. 6 is a diagram showing an example of a format 
50 for concatenating electronic signatures (ciphers); 

Fig. 7 is a diagram showing an XML file to which an 
electronic signature is attached; 
Fig. 8 is a block diagram illustrating an example of 
a configuration of a system in which the present in- 
55 vention is reduced to practice; 

Fig. 9 is a block diagram illustrating an example of 
a system configuration of an application example of 
the present invention; 
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Fig. 1 0 is a diagram sliowing an example of a con- 
figuration.xml file to which an electronic signature 
is added; 

Fig. 11 is a diagram showing an example of modifi- 
cation to a configuration. xml file; and 
Fig. 12 is a diagram showing another example of 
modification to a configuration. xml file. 

[0012] First, reference is made to a "document having 
a structure", which constitutes a subject of a method and 
apparatus of the present invention. A normal document 
consists of chapters, sections and paragraphs, which 
may be diagrammatically represented as a tree struc- 
ture as illustrated in Fig. 2. The electronic signature 
method and apparatus according to the present inven- 
tion are directed to an electronic file containing a docu- 
ment that can be represented in the form of such a tree 
structure. 

[0013] A file described in XML may be cited as an ex- 
ample of a document having such a tree structure. An 
example of an XML file is shown in Fig. 3. 
[0014] In the shown example, the XML file contains 

information called "white space", that is, information 
about tab, line feed, etc. to represent indentation. Since 
XML permits the use of a white space in so far as the 
white space does not change a document structure, de- 
letion of such information from this XML file does not 
affect its document structure per se. Fig. 4 shows the 
XML file with the white spaces being deleted, which is 
the same as the XML file shown in Fig. 3 in terms of a 
document structure. However, when these files in Figs. 
3 and 4 are compared to each other simply as files, they 
are considered to be different. 

[0015] Conventionally, whether or not two XML files 
are equivalent in terms of a document structure has 
been judged by analyzing them by means of an XML 
Parser, generating the result of the analysis in the form 
of DOM objects and comparing the thus generated DOM 
objects to see if they are equivalent. On the other hand, 
according to the electronic signature method and appa- 
ratus of the present invention, the files in Figs. 3 and 4 
have different signature codes representing a file al- 
though they have the same signature codes represent- 
ing a document structure. Thus, by employing the 
present method and apparatus, it is possible to learn 
from the signature codes that these files are different in 
file contents and yet equivalent in terms of a document 
structure. 

[0016] Fig. 5 shows an example of a signature of the 
aforementioned file and document structure. It is as- 
sumed here that Fig. 5 shows a result obtained by en- 
ciphering each structure element to be mapped to sev- 
enteen-digit decimal numerals. Next, asignature is gen- 
erated based on the enciphered information. Fig. 6 
shows a format for concatenating signatures (ciphers) 
to one another. In Fig. 6, a file signature code is a cipher 
indicative of coincidence in terms of a file, and "OxFF" 
is a delimiter for limiting a string of elements. Further, a 



depth code is a numerical value indicative of how much 
of a tree structure is ciphered to be contained in a sig- 
nature. More specifically, when a depth code is 0, it sig- 
nifies that ciphers to represent all the structural ele- 

5 ments of a tree structure are included in a signature. By 
enabling this code to be set, precision of reliability judg- 
ment of a document with an electronic signature can be 
varied depending on the level of depth. A node signature 
code is a cipher of each element. By adding the thus 

10 constructed signature to the file as a structure element 
of the document, a document with an electronic signa- 
ture shown in Fig. 7 is obtained. In the example shown 
in Fig. 7, a signature node, i.e.<Signature> ... </Signa- 
ture> is added, and a symbol "+" is used to concatenate 

^5 character strings for the sake of clarity of a construction 
of a signature, and the thus concatenated character 
strings constitute a signature. 

[0017] The electronic signature apparatus according 
to the present invention may be built on a computer sys- 
20 tem 86 which comprises a CPU 81 , a storage device 82, 
a file system 83, a display device 84 and an input device 
85, as illustrated in Fig. 8. In the file system 83, docu- 
ments having electric signature as their data are stored/ 
managed. Since the location of each document is not 
25 relevant to the substance of the present example, data 
may be placed in a database. 

[0018] In the system configuration as illustrated 
above, the electronic signature method and apparatus 
according to the present invention can treat a file stored 
30 in the file system 83 as a document having a structure 
and verify whether an unauthorized modification has 
been made to the file and which portion of the structure 
has been modified if it transpires that there has been an 
unauthorized modification. 
35 [0019] As a specific example of the aforementioned 
verification, reference is now made to an application ex- 
ample where an unauthorized operation of a system is 
prevented by verifying which portion of a file has been 
modified. 

40 [0020] According to the application example, a tool for 
automatically generating a configuration for accessing 
a database system generates a configuration file con- 
taining an electronic signature, whereby a user is noti- 
fied of an unauthorized modification on the file and the 
45 location of the unauthorized modification before access 
to the database system. 

[0021] Conventionally, a configuration file, which is 
automatically generated by a tool for automatically gen- 
erating a configuration for accessing a database sys- 
50 tem, does not support a modification made to a file by 
means of a method other than the tool. Usually, infor- 
mation indicative of whether or not a modification has 
been made to a file by a method other than the tool is 
not attached to a file. Besides, even if a conventional 
55 electronic signature is attached to such a configuration 
file, it can only show that a file has been modified and 
which portion of the file has been modified cannot be 
identified. Still further, as a conventional electronic sig- 
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nature can only verify that a file has been modified, even 
if the modification does not disadvantageously affect an 
operation in the light of structural information, it is still 
indicated by the signature that the modification has been 
unauthorized. Thus, processing performed by aconven- 
tional electronic signature is not adequate or thorough. 
[0022] Fig. 9 illustrates a system configuration of the 
above-described application example. Since the system 
illustrated in Fig. 9 comprises the system shown in Fig. 
8 and database system 91, like numerals denote like 
components in Figs. 8 and 9. In order for the computer 
system 86 to access the database system 91 , an appro- 
priate configuration must be provided. The system in 
Fig. 9 is provided with a tool (ConfigGenTool) 92 for au- 
tomatically generating such a configuration by interact- 
ing with a user. The tool 92 requests a user to enter in- 
formation necessary for accessing the database system 
and generates a configuration file on the basis of the 
thus input information. More specifically, the tool 92 ver- 
ifies that the computer system can access the database 
system 91 by the configuration and generates a config- 
uration file (Config.xml) 93. At the time of generation of 
the configuration file 93, a user can indicate whether or 
not to add an electronic signature of the present inven- 
tion to the configuration file 93 and also choose a depth 
code of the electronic signature which affects how ex- 
tensively and strictly a structure of the file is to be cov- 
ered by the electronic signature. Fig. 10 shows an ex- 
ample of the configuration file 93 to which an electronic 
signature is attached. In the example shown in Fig. 10, 
a signature of each structural element of a file and a 
signature of the file per se are both represented in sev- 
enteen-digit hexadecimal numbers. 
[0023] The thus generated configuration file 93 is ref- 
erenced by a database system access module (DBAc- 
cessor) 94, which is activated when the computer sys- 
tem actually accesses the database system 91. In this 
event, when an electronic signature is included in the 
configuration file 93, the module 94 verifies its authen- 
ticity before it accesses the database system 91 . When 
the configuration file 93 has been modified as shown in 
Fig. 11, the module 94 performs normal database ac- 
cess processing because the file of Fig. 11 coincides 
with the original file of Fig. 10 in terms of a structure, 
though the file of Fig. 11 is considered to be unauthor- 
ized in terms of a file coincidence, i.e. the files in Figs. 
1 0 and 1 1 do not match. In other words, since the mod- 
ification of the file in Fig. 1 0 to the file in Fig. 11 consti- 
tutes mere deletion of tabs and line feed codes, which 
are white spaces according to the XML specification, the 
files in Figs. 10 and 11 are equivalent in terms of XML 
[0024] On the other hand, when the configuration file 
93 has been modified as indicated by the underline in 
Fig. 12, the module 94 can identify the modified portion 
in the file in Fig. 12 which does not coincide with the 
corresponding portion in the original file in Fig. 10 and 
notify a user by displaying a message "The designated 
provider is not authorized", before starting access 



processing. Thus, by using an electronic signature of the 
present invention in a configuration file for accessing a 
database system, a portion that has become unauthor- 
ized as a result of modification can be specifically indi- 
5 cated, whereby an unauthorized access can be avoid- 
ed. 

[0025] Further, the use of the electronic signature 
method and apparatus of the present invention enables 
determination as to whether each of structural elements 

10 of an electronic file containing a document having the 
above-described structure coincides with that of the 
original electronic file, whereby a coincidence rate or 
non-coincidence rate with respect to an entire structure 
as opposed to each structural element can be calculated 

15 and the system can be controlled with reference to the 
thus calculated rate. 

[0026] As appreciated from the foregoing, according 
to the present electronic signature method and appara- 
tus, electronic signatures can be extracted and com- 
20 pared, so that it becomes possible to verify equivalence 
between electronic files containing a document having 
astructure such as file equivalence and document struc- 
ture equivalence and also find a coincidence rate be- 
tween files. 

25 

Claims 

1. An electronic signature method comprising the 
30 steps of: 

analyzing a target document to generate a rep- 
resentation having a structure; 
generating an electronic signature from each 
35 structural element of the structure of the gen- 

erated representation; and 
concatenating the generated electronic signa- 
tures into a single signature corresponding to 
the structure of the generated representation. 

40 

2. An electronic signature method according to claim 
1 , further comprising the step of setting a level of 
attachment of electronic signatures to structural el- 
ements of the document, whereby precision of reli- 

45 ability judgment of a document with an electronic 
signature can be varied depending on the level. 

3. An electronic signature method according to claim 
1 or 2, wherein a rate of coincidence between the 

50 target document and the target document with an 
electronic signature is found from a rate of structural 
elements having authenticated electronic signa- 
tures to the whole structure. 

55 4. A method according to claim 1, 2 or 3, wherein said 
concatenating step includes putting the generated 
electronic signatures in a row. 
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5. An electronic signature apparatus comprising: 

means for analyzing a target document to gen- 
erate a representation having a structure; 
means for generating an electronic signature 5 
from each structural element of the structure of 
the generated representation; and 
means for concatenating the generated elec- 
tronic signatures into a single signature corre- 
sponding to the structure of the generated rep- io 
resentation. 

6. An electronic signature apparatus according to 
claim 5, wherein a level of attachment of electronic 
signatures to structural elements of the document ^5 
can be set by said means for generating an elec- 
tronic signature, whereby precision of reliability 
judgement of a document with an electronic signa- 
ture can be varied depending on the level. 

20 

7. An electronic signature apparatus according to 
claim 5 or 6, wherein said means for concatenating 
puts the generated electronic signatures in a row. 

8. An electronic signature apparatus according to 25 
claim 5, 6 or 7, further comprising: 

means for analyzing the structure of the target 
document to verify the target document having 
the generated electronic signature; and so 
means for analyzing each of the electronic sig- 
natures of the structural elements of the target 
document. 

9. An electronic signature apparatus according to 35 
claim 8, wherein said means for analyzing the elec- 
tronic signature determine a rate of coincidence be- 
tween the target document and the target document 
with an electrical signature from a rate of structural 
elements having authenticated electronic signa- 40 
tures to the whole structure. 

10. An electronic signature apparatus comprising: 

an electronic signature generator including: ^5 

means for analyzing a target document to 
generate a representation having a struc- 
ture; 

means for generating an electronic signa- 50 
ture from each structural element of the 
structure of the generated representation; 
and 

means for concatenating the generated 
electronic signatures into a single signa- 55 
ture corresponding to the structure of the 
generated representation; and 
an electronic signature analyzer including: 



means for analyzing a structure of the 
target document having the generated 
electronic signature; and 
means for analyzing the added elec- 
tronic signatures. 
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<? xml version="1.0" encoding="utf-8" ?> 
<Document> 

<Chapter 1> 

<Section l>...</Section 1> 
<Section 2>...</Section 2> 
</Chapter 1> 
<Chapter 2> 

<Section l>...</Section 1> 
<Section 2>...</Section 2> 
<Section 3>...</Section 3> 
</Chapter 2> 
</Document> 



[Fig.3] 



<? xml ver8ion=="1.0" encoding=^'utf-8" ?> 

<Document><Chapter l><Sect.l>...<;/Sect.l><Sect.2>...</Sect.2></Chapter 1> 
<Chapter 2><Sect. 1>. . . </Sect. IxSect. 2>. . . <;/Sect.2><Sect. 3>. . . </Sect. 3x/Chapter 2> 
</Document> 



[Fig.4] 
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<? xml version="1.0'' encoding="utf-8" ?> 




<Document> 




<Chapter 1> 


> 01424442344653994 


<Sect . 1>. . .</Sect. 1> 


> 10458043242424234 


<Sect.2>...</Sect,2> 


> 15357989849284423 


</Chapter 1> 




<Chapter 2> 


01643544098078423 


<Sect.l>...</Sect.l> 


10572839792742349 


<Sect.2>...</Sect.2> 


17932032304804822 


<Sect.3>. ..</Sect.3> 


15239759890098203 


</Chapter 2> 




</Document> 





[Fig.5] 
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' <? xml version=''1.0" eiicoding=''utf-ff' ?> 
<Document> 

<Chapter 1> 

<Sect.l>...</Sect.l> 

<Sect.2>...</Sect.2> 
<;/Chapter 1> 
<Chapter 2> 

<Sect.l>...</Sect.l> 

<Sect.2>,..</Sect.2> 

<Sect.3>...</Sect3> 
</Chapter 2> 

<Signature>31233123125443242+0xFF+0x0(H01424442344553994 
+OxFF+10458043242424234+OxFF+15357989849284423+OxFF4-016435440 
98O78423+0xFP+lO572839792742349+0xFF+17932O32304804822+OxFF+l 
5239759890098203</Signature> 
</Document> 
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<?xiiil version="1. 0" encoding="utf-8"?> 

<OLEDBSetting> 

<Provider>SQLOLEDB. 1</Provider> 

<lntegratedSecurity>SSPI</lntegratedSecurity> 

<Pers i stSecur i ty I nf o>Fa I sfi</Pers i s tSecur i ty I nf o> 

<lnmalCataiog>Northwind</lnitialCatalog> 

<DataSource>DARKSTAR</DataSource> 

<UseProcedureforPrepare>l</UseProcedureforPrepare> 

<AutoTrans late>True</AutoTrans I ate> 

<PacketS i ze>4096</PacketS i ze> 

<IVorkstat ion ID>DARKSTAR</Vlorkstat i on I D> 

<Signature>032423afb432ef432ff00ff153453adb432e532ff 

f1443f0988fe080809ff153452f4b2ed42304ff1543409888d8eba34ff10 

98043242a988edbf f 1 143298ef OaObOcdOf f 1 8aaadbc443298753f f 1 5432 

42d9009e7bc3ff125438aOfOdOe0083</Signature> 

</OLEDBSetting> 





[Fig. 10] 
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<?xinl version="1. 0" encoding="utf-8"?> 

<OLEDBSet t i ngXProv i der>SQLOLEDB. 1 </Prov i derX I n t egra tedSecu 

r i ty>SSPI</ 1 n tegra tedSecur i tyXPers i s tSecur i ty I nf o>Fa I se</Pe 

rsistSecuritylnfoXlnitialCatalog>Northwind</lni tialCatalog) 

<DataSource>DARKSTAR</DataSourceXUseProcedureforPrepare>1</ 

UseProcedureforPrepareXAutoTranslate>True</AutoTranslateXP 

acketSize>4096</PacketSjzeXWorkstationlD>DARKSTAR</Workstat 

ionlDXSignature>032423afb432ef432ff00ff153453adb432e532fff1 

443f0986fe080809ff153452f4b2ed42304ff1543409888d8eba34ff10g8 

043242a988edbff1143298ef0a0b0cd0ff18aaadbc443298753ff1543242 

d9009e7bc3f f 1 25438a0f Od0e0083</S i gnature) 

</OLEDBSetting> 



[Fig.ll] 



<?xiiil version="l. 0" encoding="utf-8"?> 

<OLEDBSetting> 

<Provider >Microsoft. Jet. OLEDB. 4. 0 </Provider> 

< I nt egra tedSecur i ty>SSP l</ I ntegratedSecur i ty> 

<PersistSecuri tylnfo>Faise</PersistSecuritylnfo> 

<lnitialCatal og>Northwind</l n i t i a I Cata I og> 

<Da t aSou r ce>DARKSTAR</Da t aSou r c e> 

<UseProcedureforPrepare>l</UseProcedureforPrepare> 

<AutoTrans I at e>True</AutoTrans I ate> 

<PacketS i ze>4096</PacketS i 2e> 

<Worksta t i on I D>DARKSTAR</Workstat i on I D> 

<S i gnatu re>032423af b432ef 432f f OOf f 1 53453adb432e532f f 

f1443f0988fe080809ff153452f4b2ed42304ff1543409888d8eba34ff10 

98043242a988edbff1143298ef0a0b0cd0ff18aaadbc4432g8753ff 15432 

42d9OO9e7bc3ff125438a0fOd0e0083</Signature> 

</OLEDBSetting> 



[Fig. 12] 
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(54) Method and apparatus for attaching electronic signature to document having structure 



(57) An electronic signature technology for attach- 
ing an electronic signature to an electronic file contain- 
ing a document having a structure is provided, wherein 
a level of electronic file equivalence, a level of document 
structure equivalence and a level of document structure 
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